cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1517
Views
0
Helpful
3
Replies

Where Bridge Domain Store in ACI Fabric

williammanurung
Level 1
Level 1

Anyone know where gateway/bridge domain store in ACI Fabric?

Is it store on leaf or spine?

is it store on where the EPG exist?

3 Replies 3

Hello William--all of the config in ACI is stored on the APIC cluster.  The config is broken into shards and shared among the controllers in the cluster so that the loss of any one of the controllers won't negatively affect the integrity of the config.  The leafs and spines that make up the ACI fabric actually don't store any config, which is why you can't do a show run from the CLI of a node.  Instead you have to query the APIC for the running config of any node.  Like this:

 

apic1# fab 101 show run
----------------------------------------------------------------
Node 101 (aci1-leaf-101)
----------------------------------------------------------------
Incorrect command "show run"

 

apic1# show run leaf 101
# Command: show running-config leaf 101
# Time: Mon Mar 18 08:53:54 2019
leaf 101
!

!

 

An EPG is a logical construct, so it actually doesn't have a physical "location."  An EPG is a collection of endpoints that share some common characteristic.  An EPG could have endpoints all from a single leaf, or from multiple leafs, or from every leaf in the fabric. 

 

Hope this helps, MM

micgarc2
Cisco Employee
Cisco Employee

Bridge domain is deployed on the leaf. We wont deploy the BD/SVI unless there are actually EPs learned on the leaf for that EPG that the BD is tied to.

RedNectar
VIP
VIP

Hi  williammanurung,

You have asked a question that reveals one of the greatest features of ACI.

The answer is: A Bridge Domain (and its subnets) only exist on the Leaf Switches where it is needed. [The same is true for VRFs and EPGs]

So, if you have a leaf switch that has no EndPoints for a particular Bridge Domain, then the Bridge Domain will not exist on that leaf.  But the moment you assign an Endpoint attached to a leaf switch to an EndPoint Group that is linked to that Bridge Domain, the Bridge Domain will be created on the leaf (and if necessay, the VRF will also be created on that leaf too) and the subnet(s) for that BD will also suddenly appear on the leaf.  You'll see them by issuing a 

apic1# fabric Leaf_ID show ip route vrf Tenant_Name:VRF_Name

command on the APIC.  To see if the Bridge domain exists on a particular leaf use the following command:

apic1# fabric Leaf_ID show vlan [extended]

But that's not all.  The moment that there the last EndPoint for a particular BD is removed from a leaf, ACI dynamically removes the configration for the BD and Subnets.

This is WHY you buy ACI, so that all this is managed for you, and you don't have to worry about it.  Just think of the number of times you have seen configuration on a switch that is no longer needed. With ACI, this doesn't happen.

I hope this helps


Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem


RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Save 25% on Day-2 Operations Add-On License